checkmate5 5.1.0.dev1__py3-none-any.whl → 5.1.0.dev2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. checkmate/settings/defaults.py +0 -28
  2. {checkmate5-5.1.0.dev1.dist-info → checkmate5-5.1.0.dev2.dist-info}/METADATA +1 -1
  3. {checkmate5-5.1.0.dev1.dist-info → checkmate5-5.1.0.dev2.dist-info}/RECORD +7 -56
  4. checkmate/contrib/plugins/all/opengrep/__init__.py +0 -0
  5. checkmate/contrib/plugins/all/opengrep/analyzer.py +0 -150
  6. checkmate/contrib/plugins/all/opengrep/issues_data.py +0 -5
  7. checkmate/contrib/plugins/all/opengrep/opengrep_manylinux_x86 +0 -0
  8. checkmate/contrib/plugins/all/opengrep/setup.py +0 -13
  9. checkmate/contrib/plugins/cve/__init__.py +0 -0
  10. checkmate/contrib/plugins/cve/text4shell/__init__.py +0 -0
  11. checkmate/contrib/plugins/cve/text4shell/analyzer.py +0 -64
  12. checkmate/contrib/plugins/cve/text4shell/issues_data.py +0 -8
  13. checkmate/contrib/plugins/cve/text4shell/setup.py +0 -13
  14. checkmate/contrib/plugins/golang/__init__.py +0 -0
  15. checkmate/contrib/plugins/golang/gostaticcheck/__init__.py +0 -0
  16. checkmate/contrib/plugins/golang/gostaticcheck/analyzer.py +0 -94
  17. checkmate/contrib/plugins/golang/gostaticcheck/issues_data.py +0 -1246
  18. checkmate/contrib/plugins/golang/gostaticcheck/setup.py +0 -13
  19. checkmate/contrib/plugins/iac/__init__.py +0 -0
  20. checkmate/contrib/plugins/iac/kubescape/__init__.py +0 -0
  21. checkmate/contrib/plugins/iac/kubescape/analyzer.py +0 -115
  22. checkmate/contrib/plugins/iac/kubescape/issues_data.py +0 -636
  23. checkmate/contrib/plugins/iac/kubescape/setup.py +0 -14
  24. checkmate/contrib/plugins/iac/tfsec/__init__.py +0 -0
  25. checkmate/contrib/plugins/iac/tfsec/analyzer.py +0 -92
  26. checkmate/contrib/plugins/iac/tfsec/issues_data.py +0 -1917
  27. checkmate/contrib/plugins/iac/tfsec/setup.py +0 -13
  28. checkmate/contrib/plugins/java/__init__.py +0 -0
  29. checkmate/contrib/plugins/java/semgrepjava/__init__.py +0 -0
  30. checkmate/contrib/plugins/java/semgrepjava/analyzer.py +0 -96
  31. checkmate/contrib/plugins/java/semgrepjava/issues_data.py +0 -5
  32. checkmate/contrib/plugins/java/semgrepjava/setup.py +0 -13
  33. checkmate/contrib/plugins/javascript/__init__.py +0 -0
  34. checkmate/contrib/plugins/javascript/semgrepeslint/__init__.py +0 -0
  35. checkmate/contrib/plugins/javascript/semgrepeslint/analyzer.py +0 -95
  36. checkmate/contrib/plugins/javascript/semgrepeslint/issues_data.py +0 -6
  37. checkmate/contrib/plugins/javascript/semgrepeslint/setup.py +0 -13
  38. checkmate/contrib/plugins/perl/__init__.py +0 -0
  39. checkmate/contrib/plugins/perl/graudit/__init__.py +0 -0
  40. checkmate/contrib/plugins/perl/graudit/analyzer.py +0 -70
  41. checkmate/contrib/plugins/perl/graudit/issues_data.py +0 -8
  42. checkmate/contrib/plugins/perl/graudit/setup.py +0 -13
  43. checkmate/contrib/plugins/python/__init__.py +0 -0
  44. checkmate/contrib/plugins/python/bandit/__init__.py +0 -0
  45. checkmate/contrib/plugins/python/bandit/analyzer.py +0 -74
  46. checkmate/contrib/plugins/python/bandit/issues_data.py +0 -426
  47. checkmate/contrib/plugins/python/bandit/setup.py +0 -13
  48. checkmate/contrib/plugins/ruby/__init__.py +0 -0
  49. checkmate/contrib/plugins/ruby/brakeman/__init__.py +0 -0
  50. checkmate/contrib/plugins/ruby/brakeman/analyzer.py +0 -96
  51. checkmate/contrib/plugins/ruby/brakeman/issues_data.py +0 -518
  52. checkmate/contrib/plugins/ruby/brakeman/setup.py +0 -13
  53. {checkmate5-5.1.0.dev1.dist-info → checkmate5-5.1.0.dev2.dist-info}/WHEEL +0 -0
  54. {checkmate5-5.1.0.dev1.dist-info → checkmate5-5.1.0.dev2.dist-info}/entry_points.txt +0 -0
  55. {checkmate5-5.1.0.dev1.dist-info → checkmate5-5.1.0.dev2.dist-info}/licenses/LICENSE.txt +0 -0
  56. {checkmate5-5.1.0.dev1.dist-info → checkmate5-5.1.0.dev2.dist-info}/top_level.txt +0 -0
checkmate/contrib/plugins/iac/tfsec/setup.py DELETED
@@ -1,13 +0,0 @@
1
- from .analyzer import TfsecAnalyzer
2
- from .issues_data import issues_data
3
-
4
- analyzers = {
5
- 'tfsec':
6
- {
7
- 'name': 'tfsec',
8
- 'title': 'tfsec',
9
- 'class': TfsecAnalyzer,
10
- 'language': 'iac',
11
- 'issues_data': issues_data,
12
- },
13
- }
checkmate/contrib/plugins/java/__init__.py DELETED
File without changes
checkmate/contrib/plugins/java/semgrepjava/__init__.py DELETED
File without changes
checkmate/contrib/plugins/java/semgrepjava/analyzer.py DELETED
@@ -1,96 +0,0 @@
1
- # -*- coding: utf-8 -*-
2
-
3
-
4
- from checkmate.lib.analysis.base import BaseAnalyzer
5
-
6
- import logging
7
- import os
8
- import tempfile
9
- import json
10
-
11
- import subprocess
12
-
13
- logger = logging.getLogger(__name__)
14
-
15
-
16
- class SemgrepjavaAnalyzer(BaseAnalyzer):
17
-
18
- def __init__(self, *args, **kwargs):
19
- super(SemgrepjavaAnalyzer, self).__init__(*args, **kwargs)
20
- try:
21
- result = subprocess.check_output(
22
- ["semgrep", "--version"],stderr=subprocess.DEVNULL).strip()
23
- except subprocess.CalledProcessError:
24
- logger.error(
25
- "Cannot initialize semgrep analyzer: Executable is missing, please install it.")
26
- raise
27
-
28
- def summarize(self, items):
29
- pass
30
-
31
- def analyze(self, file_revision):
32
- issues = []
33
- tmpdir = "/tmp/"+file_revision.project.pk
34
-
35
- if not os.path.exists(os.path.dirname(tmpdir+"/"+file_revision.path)):
36
- try:
37
- os.makedirs(os.path.dirname(tmpdir+"/"+file_revision.path))
38
- except OSError as exc: # Guard against race condition
39
- if exc.errno != errno.EEXIST:
40
- raise
41
- f = open(tmpdir+"/"+file_revision.path, "wb")
42
-
43
- fout = tempfile.NamedTemporaryFile(suffix=".json", delete=False)
44
- result = {}
45
- try:
46
- with f:
47
- try:
48
- f.write(file_revision.get_file_content())
49
- except UnicodeDecodeError:
50
- pass
51
- try:
52
- result = subprocess.check_output(["semgrep",
53
- "--config",
54
- "/root/find_sec_bugs.yml",
55
- "--no-git-ignore",
56
- "--json",
57
- f.name],
58
- stderr=subprocess.DEVNULL).strip()
59
-
60
- except subprocess.CalledProcessError as e:
61
- if e.returncode == 4:
62
- result = e.output
63
- elif e.returncode == 3:
64
- result = []
65
- pass
66
- else:
67
- result = e.output
68
- pass
69
-
70
-
71
- try:
72
- json_result = json.loads(result)
73
-
74
- for issue in json_result['results']:
75
-
76
- location = (((issue['start']['line'], None),
77
- (issue['start']['line'], None)),)
78
-
79
- if ".java" in file_revision.path or ".jsp" in file_revision.path or ".scala" in file_revision.path:
80
- val = issue['check_id']
81
- val = val.replace("root.","")
82
- val = val.title().replace("_","")
83
-
84
- issues.append({
85
- 'code': val,
86
- 'location': location,
87
- 'data': issue['extra']['message'],
88
- 'file': file_revision.path,
89
- 'line': issue['start']['line'],
90
- 'fingerprint': self.get_fingerprint_from_code(file_revision, location, extra_data=issue['extra']['message'])
91
- })
92
- except:
93
- pass
94
-
95
- finally:
96
- return {'issues': issues}
checkmate/contrib/plugins/java/semgrepjava/issues_data.py DELETED
@@ -1,5 +0,0 @@
1
- # -*- coding: utf-8 -*-
2
-
3
-
4
- issues_data = {
5
- }
checkmate/contrib/plugins/java/semgrepjava/setup.py DELETED
@@ -1,13 +0,0 @@
1
- from .analyzer import SemgrepjavaAnalyzer
2
- from .issues_data import issues_data
3
-
4
- analyzers = {
5
- 'semgrepjava':
6
- {
7
- 'name': 'semgrepjava',
8
- 'title': 'semgrepjava',
9
- 'class': SemgrepjavaAnalyzer,
10
- 'language': 'java',
11
- 'issues_data': issues_data,
12
- },
13
- }
checkmate/contrib/plugins/javascript/__init__.py DELETED
File without changes
checkmate/contrib/plugins/javascript/semgrepeslint/analyzer.py DELETED
@@ -1,95 +0,0 @@
1
- # -*- coding: utf-8 -*-
2
-
3
-
4
- from checkmate.lib.analysis.base import BaseAnalyzer
5
-
6
- import logging
7
- import os
8
- import tempfile
9
- import json
10
- import subprocess
11
-
12
- logger = logging.getLogger(__name__)
13
-
14
-
15
- class SemgrepeslintAnalyzer(BaseAnalyzer):
16
-
17
- def __init__(self, *args, **kwargs):
18
- super(SemgrepeslintAnalyzer, self).__init__(*args, **kwargs)
19
- try:
20
- result = subprocess.check_output(
21
- ["semgrep", "--version"],stderr=subprocess.DEVNULL).strip()
22
- except subprocess.CalledProcessError:
23
- logger.error(
24
- "Cannot initialize semgrep analyzer: Executable is missing, please install it.")
25
- raise
26
-
27
- def summarize(self, items):
28
- pass
29
-
30
- def analyze(self, file_revision):
31
- issues = []
32
- tmpdir = "/tmp/"+file_revision.project.pk
33
-
34
- if not os.path.exists(os.path.dirname(tmpdir+"/"+file_revision.path)):
35
- try:
36
- os.makedirs(os.path.dirname(tmpdir+"/"+file_revision.path))
37
- except OSError as exc: # Guard against race condition
38
- if exc.errno != errno.EEXIST:
39
- raise
40
- f = open(tmpdir+"/"+file_revision.path, "wb")
41
-
42
- fout = tempfile.NamedTemporaryFile(suffix=".json", delete=False)
43
- result = {}
44
- try:
45
- with f:
46
- try:
47
- f.write(file_revision.get_file_content())
48
- except UnicodeDecodeError:
49
- pass
50
- try:
51
- result = subprocess.check_output(["semgrep",
52
- "--config",
53
- "/root/eslint.yml",
54
- "--no-git-ignore",
55
- "--json",
56
- f.name],
57
- stderr=subprocess.DEVNULL).strip()
58
-
59
- except subprocess.CalledProcessError as e:
60
- if e.returncode == 4:
61
- result = e.output
62
- elif e.returncode == 3:
63
- result = []
64
- pass
65
- else:
66
- result = e.output
67
- pass
68
-
69
-
70
- try:
71
- json_result = json.loads(result)
72
-
73
- for issue in json_result['results']:
74
-
75
- location = (((issue['start']['line'], None),
76
- (issue['start']['line'], None)),)
77
-
78
- if ".js" in file_revision.path or ".ts" in file_revision.path:
79
- val = issue['check_id']
80
- val = val.replace("root.","")
81
- val = val.title().replace("_","")
82
-
83
- issues.append({
84
- 'code': val,
85
- 'location': location,
86
- 'data': issue['extra']['message'],
87
- 'file': file_revision.path,
88
- 'line': issue['start']['line'],
89
- 'fingerprint': self.get_fingerprint_from_code(file_revision, location, extra_data=issue['extra']['message'])
90
- })
91
- except:
92
- pass
93
-
94
- finally:
95
- return {'issues': issues}
checkmate/contrib/plugins/javascript/semgrepeslint/issues_data.py DELETED
@@ -1,6 +0,0 @@
1
- # -*- coding: utf-8 -*-
2
-
3
-
4
- issues_data = {
5
-
6
- }
checkmate/contrib/plugins/javascript/semgrepeslint/setup.py DELETED
@@ -1,13 +0,0 @@
1
- from .analyzer import SemgrepeslintAnalyzer
2
- from .issues_data import issues_data
3
-
4
- analyzers = {
5
- 'semgrepeslint':
6
- {
7
- 'name': 'semgrepeslint',
8
- 'title': 'semgrepeslint',
9
- 'class': SemgrepeslintAnalyzer,
10
- 'language': 'javascript',
11
- 'issues_data': issues_data,
12
- },
13
- }
checkmate/contrib/plugins/perl/__init__.py DELETED
File without changes
checkmate/contrib/plugins/perl/graudit/__init__.py DELETED
File without changes
checkmate/contrib/plugins/perl/graudit/analyzer.py DELETED
@@ -1,70 +0,0 @@
1
- # -*- coding: utf-8 -*-
2
-
3
-
4
- from checkmate.lib.analysis.base import BaseAnalyzer
5
-
6
- import logging
7
- import os
8
- import tempfile
9
- import json
10
- import subprocess
11
-
12
- logger = logging.getLogger(__name__)
13
-
14
-
15
- class GrauditAnalyzer(BaseAnalyzer):
16
-
17
- def __init__(self, *args, **kwargs):
18
- super(GrauditAnalyzer, self).__init__(*args, **kwargs)
19
-
20
- def summarize(self, items):
21
- pass
22
-
23
- def analyze(self, file_revision):
24
- issues = []
25
- result = ""
26
- f = tempfile.NamedTemporaryFile(delete=False)
27
- try:
28
- with f:
29
- try:
30
- f.write(file_revision.get_file_content())
31
- except UnicodeDecodeError:
32
- pass
33
- try:
34
- result = subprocess.check_output(["/root/graudit/graudit",
35
- "-d",
36
- "/root/graudit/signatures/perl.db",
37
- f.name],
38
- stderr=subprocess.DEVNULL).strip()
39
- except subprocess.CalledProcessError as e:
40
- pass
41
- try:
42
- json_result = json.loads(result)
43
- except ValueError:
44
- json_result = {}
45
- pass
46
-
47
- try:
48
- for issue in json_result:
49
- line = issue["line"]
50
- line = int(line)
51
- location = (((line, line),
52
- (line, None)),)
53
-
54
- if ".pl" in file_revision.path:
55
- issues.append({
56
- 'code': "I001",
57
- 'location': location,
58
- 'data': issue["data"],
59
- 'file': file_revision.path,
60
- 'line': line,
61
- 'fingerprint': self.get_fingerprint_from_code(file_revision, location, extra_data=issue["data"])
62
- })
63
-
64
- except KeyError:
65
- pass
66
-
67
- finally:
68
- os.unlink(f.name)
69
- return {'issues': issues}
70
-
checkmate/contrib/plugins/perl/graudit/issues_data.py DELETED
@@ -1,8 +0,0 @@
1
- issues_data = {
2
- "I001": {
3
- "title": "Perl insecurity",
4
- "description": "%(issue.data)s",
5
- "severity": 3,
6
- "categories": []
7
- }
8
- }
checkmate/contrib/plugins/perl/graudit/setup.py DELETED
@@ -1,13 +0,0 @@
1
- from .analyzer import GrauditAnalyzer
2
- from .issues_data import issues_data
3
-
4
- analyzers = {
5
- 'graudit':
6
- {
7
- 'name': 'graudit',
8
- 'title': 'graudit',
9
- 'class': GrauditAnalyzer,
10
- 'language': 'perl',
11
- 'issues_data': issues_data,
12
- },
13
- }
checkmate/contrib/plugins/python/__init__.py DELETED
File without changes
checkmate/contrib/plugins/python/bandit/__init__.py DELETED
File without changes
checkmate/contrib/plugins/python/bandit/analyzer.py DELETED
@@ -1,74 +0,0 @@
1
- # -*- coding: utf-8 -*-
2
-
3
-
4
- from checkmate.lib.analysis.base import BaseAnalyzer
5
-
6
- import logging
7
- import os
8
- import tempfile
9
- import json
10
- import subprocess
11
-
12
- logger = logging.getLogger(__name__)
13
-
14
-
15
- class BanditAnalyzer(BaseAnalyzer):
16
-
17
- def __init__(self, *args, **kwargs):
18
- super(BanditAnalyzer, self).__init__(*args, **kwargs)
19
- try:
20
- result = subprocess.check_output(["bandit", "--version"],stderr=subprocess.DEVNULL).strip()
21
- except subprocess.CalledProcessError:
22
- logger.error(
23
- "Cannot initialize Bandit analyzer: Executable is missing, please install it.")
24
- raise
25
-
26
- def summarize(self, items):
27
- pass
28
-
29
- def analyze(self, file_revision):
30
- issues = []
31
- f = tempfile.NamedTemporaryFile(delete=False)
32
- try:
33
- with f:
34
- try:
35
- f.write(file_revision.get_file_content())
36
- except UnicodeDecodeError:
37
- pass
38
- try:
39
- result = subprocess.check_output(["bandit",
40
- f.name,
41
- "-f",
42
- "json"],
43
- stderr=subprocess.DEVNULL).strip()
44
- except subprocess.CalledProcessError as e:
45
- if e.returncode == 2:
46
- result = e.output
47
- pass
48
- elif e.returncode == 1:
49
- result = e.output
50
- pass
51
- else:
52
- result = []
53
- pass
54
-
55
- json_result = json.loads(result)
56
-
57
- for issue in json_result['results']:
58
-
59
- location = (((issue['line_number'], None),
60
- (issue['line_number'], None)),)
61
-
62
- if ".py" in file_revision.path:
63
- issues.append({
64
- 'code': issue['test_id'],
65
- 'location': location,
66
- 'data': issue['issue_text'],
67
- 'file': file_revision.path,
68
- 'line': issue['line_number'],
69
- 'fingerprint': self.get_fingerprint_from_code(file_revision, location, extra_data=issue['issue_text'])
70
- })
71
-
72
- finally:
73
- os.unlink(f.name)
74
- return {'issues': issues}